← Back

Sinergia

sinergia

Vendor: Idmsistemas • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-0580
1Idmsistemas
1Sinergia
Nov 21, 2024
Jan 18, 2024
N/A· v4
7.5 HIGH· v3
N/A· v2
Omission of user-controlled key authorization in the IDMSistemas platform, affecting the QSige product. This vulnerability allows an attacker to extract sensitive information from the API by making a request to the param...Show more
Omission of user-controlled key authorization in the IDMSistemas platform, affecting the QSige product. This vulnerability allows an attacker to extract sensitive information from the API by making a request to the parameter '/qsige.locator/quotePrevious/centers/X', where X supports values 1,2,3, etc.Show less